Found during the post-#90 review pass on PR #93. Low severity / narrow race; related to #87.
Problem
routes/diloco.py:_token_for_local matches a diloco_server JobRecord to a proxy target by (port, host) equality, treating loopback+matching-port as identity. If a DiLoCo server crashed/exited but its JobRecord hasn't transitioned out of {starting,running}, and the OS reused that port for an unrelated local listener, the proxy could attach the stale job's bearer token to a request aimed at the coincidental service.
Bounds: only fires while the record is still non-terminal (terminal records are filtered), the target must be a consented loopback base, and the leak is to a co-located service the operator already controls. So impact is limited, but the matcher trusts host:port as identity with no further binding.
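To make the race concrete, here is a small self-contained model of the matcher behaviour described above, plus one hardened variant. This is an added example, not code from routes/diloco.py or the project: `JobRecord`, `token_for_local_naive`, `token_for_local_bound`, the `TERMINAL` state set and the injected `is_alive(pid)` callback are all hypothetical stand-ins, and the liveness check is one possible extra binding, not a fix the issue proposes.

```python
"""Added example (not project code): model of a (host, port) token matcher
and the stale-record / port-reuse race the issue describes.
All names below are hypothetical stand-ins for the real routes/diloco.py internals."""
from dataclasses import dataclass
from typing import Callable, Iterable, Optional
from urllib.parse import urlsplit

# Assumed terminal states; the real JobRecord state machine may differ.
TERMINAL = {"exited", "failed", "cancelled"}


@dataclass
class JobRecord:
    job_id: str
    host: str
    port: int
    state: str
    token: str   # bearer token the proxy attaches for this job
    pid: int     # hypothetical: pid of the DiLoCo server process


def target_host_port(target_url: str):
    parts = urlsplit(target_url)
    return parts.hostname, parts.port


def token_for_local_naive(records: Iterable[JobRecord], target_url: str) -> Optional[str]:
    """Pattern from the issue: non-terminal records are matched purely on
    (port, host) equality, so host:port is treated as identity."""
    host, port = target_host_port(target_url)
    for rec in records:
        if rec.state in TERMINAL:
            continue
        if (rec.port, rec.host) == (port, host):
            return rec.token
    return None


def token_for_local_bound(records: Iterable[JobRecord], target_url: str,
                          is_alive: Callable[[int], bool]) -> Optional[str]:
    """Hypothetical hardened variant: the same (port, host) match, but the
    record's process must still be alive. `is_alive` is injected so the
    example runs offline; in practice it would query the OS."""
    host, port = target_host_port(target_url)
    for rec in records:
        if rec.state in TERMINAL:
            continue
        if (rec.port, rec.host) != (port, host):
            continue
        if not is_alive(rec.pid):
            # Stale record: the server is gone, so whatever now listens on
            # this port is not the job. Do not attach its token.
            continue
        return rec.token
    return None


def demo():
    # Constructed scenario: the server (pid 4242) crashed, but its record is
    # still 'running', and an unrelated listener now occupies 127.0.0.1:8421.
    stale = JobRecord("job-1", "127.0.0.1", 8421, "running", "tok-stale", 4242)
    live_pids: set = set()  # nothing from the job is alive any more
    url = "http://127.0.0.1:8421/v1/status"
    naive = token_for_local_naive([stale], url)                           # leaks tok-stale
    bound = token_for_local_bound([stale], url, lambda pid: pid in live_pids)  # None
    return naive, bound


if __name__ == "__main__":
    print(demo())
```

The naive matcher hands the stale job's token to the coincidental listener; the bound variant withholds it. A pid liveness check is itself only a narrower race (pids get reused too), so a stronger binding would be something the listener has to prove it holds, such as a per-job secret; the example only demonstrates that host:port alone is not an identity.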
Possible fixes
Ref: #90, #87.